Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

MAL-2026-10210: Malicious code in mcp-notes-server-poc-praetorian (npm)

0
Medium
Published: 07/12/2026 (07/12/2026, 20:55:56 UTC)
Source: GCVE Database
Product: mcp-notes-server-poc-praetorian

Description

The npm package mcp-notes-server-poc-praetorian version 0.1.0 contains malicious code that, upon startup, sends an unconditional HTTPS GET request to a hardcoded third-party host. This request includes the installer's process UID and the lowercase hostname, effectively exfiltrating host-identifying information to an external operator. The package is presented as a proof-of-concept but poses a privacy risk to any system running it. This exfiltration occurs before any legitimate functionality of the package is executed.

Affected software

npmghsa
mcp-notes-server-poc-praetorian
Affected versions
=0.1.0

Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/13/2026, 09:57:52 UTC

Technical Analysis

The [email protected] npm package executes a hardcoded HTTPS GET request on startup to a third-party domain (ft8swuagwwf6newi.ixx.sh), embedding sensitive host information such as the installer's process UID and hostname in the URL and User-Agent header. This behavior acts as a beacon to an out-of-band DNS/HTTP listener controlled by the package author, enabling host identification data to be logged externally. Although labeled as a proof-of-concept demonstrating arbitrary code execution risks in stdio MCP servers, the package's publication on npm exposes downstream users to unintended data leakage.

Potential Impact

Systems running [email protected] will have their process UID and hostname transmitted to a third-party server controlled by the package author. This results in host identifier exfiltration, potentially compromising privacy and enabling further targeted attacks or reconnaissance by the malicious actor. There is no indication of additional payloads or exploitation beyond this data leakage.

Mitigation Recommendations

No official patch or remediation is currently documented for this package. Users should avoid installing or running [email protected]. Since this is a malicious package published on npm, the best mitigation is to remove it from any environment where it is installed and to audit dependencies to prevent inclusion of this package. Monitor npm advisories for any updates or removals related to this package.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Gcve Source
db.gcve.eu
Osv Id
MAL-2026-10210
Osv Schema Version
1.7.4
Aliases
[]
Ecosystems
["npm"]
Database Specific Severity
null
Cvss Version
null

Threat ID: 6a54ae0768715ace438f8516

Added to database: 07/13/2026, 09:21:11 UTC

Last enriched: 07/13/2026, 09:57:52 UTC

Last updated: 07/13/2026, 09:57:52 UTC

Views: 2

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses